1
0
mirror of https://github.com/v2fly/v2ray-core.git synced 2024-12-21 09:36:34 -05:00
Commit Graph

1324 Commits

Author SHA1 Message Date
Shelikhoo
7dabfb755e
merge vmess zero encryption support 2021-03-04 00:12:37 +00:00
Loyalsoldier
49cf614346
Chore: update dependencies & protobuf (#728) 2021-03-03 17:31:53 +08:00
Shelikhoo
1368e92605
Imaginary Security Lever: zero: turn off all security on payload data 2021-03-01 15:39:52 +00:00
Xiaokang Wang
733c5dea88
Deprecate legacy VMess header with a planned decommission (#717) 2021-03-01 21:26:54 +08:00
yuhan6665
afb8385a7e
Feat: routing and freedom outbound ignore Fake DNS (#696)
Turn off fake DNS for request sent from Routing and Freedom outbound.
Fake DNS now only apply to DNS outbound.
This is important for Android, where VPN service take over all system DNS
traffic and pass it to core.  "UseIp" option can be used in Freedom outbound
to avoid getting fake IP and fail connection.

Co-authored-by: loyalsoldier <10487845+Loyalsoldier@users.noreply.github.com>
2021-02-23 10:17:20 +08:00
Shelikhoo
232ba8c26f
Apply coding style 2021-02-22 13:49:36 +00:00
Shelikhoo
9c9c45fe4f
Add Test for the KDF value 2021-02-22 13:25:12 +00:00
Shelikhoo
0024c6e028
Fix incorrect HMac Chaining, further checking needed 2021-02-22 13:20:36 +00:00
Loyalsoldier
a545bfe2c8
Feat: use Go v1.16 & support Apple Silicon (#686) 2021-02-19 13:24:19 +08:00
Loyalsoldier
f94dd11a8c
Chore: change module name (#677) 2021-02-17 04:31:50 +08:00
Loyalsoldier
f98944c9e0
Chore: update protobuf (#670) 2021-02-11 14:57:20 +08:00
Xiaokang Wang
38da831b75
Feature: Fake DNS support (#406)
* Add fake dns

A new config object "fake" in DnsObject for toggling fake dns function

Compare with sniffing, fake dns is not limited to http and tls traffic.
It works across all inbounds. For example, when dns request come
from one inbound, the local DNS server of v2ray will response with a
unique fake IP for every unique domain name. Then later on v2ray
received a request to one of the fake IP from any inbounds, it will
override the request destination with the previously saved domain.

By default, v2ray cache up to 65535 addresses. The old records will
be discarded bases on LRU. The fake IP will be 240.x.x.x

* fix an edge case when encounter a fake IP in use

* Move lru to common.cache package

* Added the necessary change to obtain request IP from sniffer

* Refactor the code so that it may stop depending on global variables in the future.

* Replace string manipulation code with more generic codes, hopefully this will work for both IPv4 and IPv6 networks.

* Try to use IPv4 version of address if possible

* Added Test Case for Fake Dns

* Added More Test Case for Fake Dns

* Stop user from creating a instance with LRU size more than subnet size, it will create a infinite loop

* Move Fake DNS to a separate package

* Generated Code for fakedns

* Encapsulate Fake DNS as a Instance wide service

* Added Support for metadata sniffer, which will be used for Fake DNS

* Dependency injection for fake dns

* Fake DNS As a Sniffer

* Remove stub object

* Remove global variable

* Update generated protobuf file for metadata only sniffing

* Apply Fake DNS config to session

* Loading for fake dns settings

* Bug fix

* Include fake dns in all

* Fix FakeDns Lint Condition

* Fix sniffer config

* Fix lint message

* Fix dependency resolution

* Fix fake dns not loaded as sniffer

* reduce ttl for fake dns

* Apply Coding Style

* Apply Coding Style

* Apply Coding Style

* Apply Coding Style

* Apply Coding Style

* Fix crashed when no fake dns

* Apply Coding Style

* Fix Fake DNS do not apply to UDP socket

* Fixed a bug prevent FakeDNS App Setting from become effective

* Fixed a caveat prevent FakeDNS App Setting from become effective

* Use log comparison to reduce in issue when it comes to really high value typical for ipv6 subnet

* Add build tag for fakedns

* Removal of FakeDNS specific logic at DNS client: making it a standard dns client

* Regenerate auto generated file

* Amended version of configure file

* Bug fixes for fakeDNS

* Bug fixes for fakeDNS

* Fix test: remove reference to removed attribute

* Test: fix codacy issue

* Conf: Remove old field support

* Test: fix codacy issue

* Change test scale for TestFakeDnsHolderCreateMappingAndRollOver

* Test: fix codacy issue

Co-authored-by: yuhan6665 <1588741+yuhan6665@users.noreply.github.com>
Co-authored-by: loyalsoldier <10487845+Loyalsoldier@users.noreply.github.com>
Co-authored-by: kslr <kslrwang@gmail.com>
2021-02-08 18:18:52 +08:00
dyhkwong
d8bc41e653
support enforcing VMessAEAD via environment variable (#596)
* support enforcing VMessAEAD via env var

to prevent downgrade attack

* Add comments to make Codacy Production happy
2021-02-08 18:08:01 +08:00
Kslr
795a3f632d
Test: fix race issue (#598)
other "race" problems are only in the test, and so I deleted the detection
2021-01-11 20:50:58 +08:00
maskedeken
9f8cb8bc8b
Fix: trojan: do not panic when UDP dispatcher fails to write response (#599) 2021-01-11 17:13:59 +08:00
Kslr
42f0f5dfec
remove deprecate ciphers in shadowsocks (#566)
* remove deprecate ciphers in shadowsocks
2021-01-01 10:18:00 +08:00
database64128
29f16cd054
🎳 Refine socks5 server UdpAssociate response behavior (#523)
- Previously, without specifying the server IP, the remote address in the response to a UdpAssoicate command is `127.0.0.1`, which might break UDP for non-localhost clients.
- This commit changes it so that, localhost clients get responses with the corresponding loopback IP, non-localhost clients get responses with the corresponding `net.AnyIP` or `net.AnyIPv6`.
- The new behavior is also consistent with many other implementations. So the compatibility is guaranteed. It also makes specifying server IP optional.
2020-12-16 16:39:14 +08:00
database64128
0eccf52399
🧦 Fix socks client UDP outbound's wrong destination (#522)
- When you connect to a non-localhost socks5 server, in the response of a UdpAssociate from a socks5 server, the remote address may be `::` or `0.0.0.0`. The previous behavior is to connect to the remote address in the response, which obviously fails.
- This commit changes the behavior to dial to the outbound server's address when the remote address in the response is `::` or `0.0.0.0`.
- Rename `cmdUDPPort` to `cmdUDPAssociate` for clarity.
2020-12-16 04:23:40 +08:00
Loyalsoldier
5e99737c12
Fix: close response body (#484) 2020-12-03 16:07:41 +08:00
Loyalsoldier
8cb2db5321
Fix: security issues & overflow potentiality (#465) 2020-11-28 21:56:20 +08:00
Loyalsoldier
b68f943c78
Fix lint according to golangci-lint (#439) 2020-11-22 05:05:01 +08:00
Kslr
623cb24644
Remove XTLS (#431)
* remove xtls

* generate pb

* Update protoc

* Clean up go.mod & go.sum

* format code

* restore vless flow

* fix codacy

* do NOT interfere with pb.go files

Co-authored-by: loyalsoldier <10487845+Loyalsoldier@users.noreply.github.com>
2020-11-20 15:53:10 +08:00
Chinsyo
2ac380788b
Some minor fixes (#433) 2020-11-20 01:02:52 +08:00
Chinsyo
32e0e6e484
Some minor fix (#430)
* fix typo pading to padding

* reorder common/buf/buffer.go code layout

* delete unused common/stack

Co-authored-by: Chinsyo <chinsyo@sina.cn>
2020-11-18 04:23:30 +08:00
Chinsyo
dc78733196
Refactor common/antireplay, unexport unnecessary public fields. (#422)
* rename AuthIDDecoderHolder private fields

* ignore unused return value more clear

* change PoolSwap to private fields

* refactor Unlock to defer

* use const capacity, reorder code layout

* replace mismatch field name poolX with type Filter

* change AntiReplayTime to private fileds, protect to modify

* rename lastSwapTime to lastSwap

* merge duplicate time.Now.
Since the current unit is in seconds, there is no need to repeat the call

* refine negate expression

* rename antiReplayTime to interval

* add docs

* fix lint stutter issue, rename antireplay.AntiReplayWindow to antireplay.ReplayFilter

* rename fileds m,n to poolA,poolB

* rename antireplay.go to replayfilter.go

* fix build issue

Co-authored-by: Chinsyo <chinsyo@sina.cn>
2020-11-17 21:05:26 +08:00
RPRX
f06ede1bc1
Fix stat 2020-11-12 08:45:03 +00:00
Arthur Morgan
e2392491d6
Add V2RAY_TROJAN_XTLS_SHOW (#391)
When using trojan, you can set the environment variable V2RAY_TROJAN_XTLS_SHOW=true to display the output of XTLS
2020-11-07 14:32:42 +00:00
RPRX
e8361016ae
VLESS XTLS ReadV 2020-11-03 14:32:17 +00:00
RPRX
21739e6f38
32 -> 0 2020-11-02 11:00:08 +00:00
單dar 于ɦʷa
e3b96a1b56
Disable 0-rtt mechanism for http/1 outbound (#372)
Fix #357

Co-authored-by: August Njam Brong <longran1989@gmail.com>
2020-10-31 11:03:46 +08:00
lucifer
770b994337
Refine unix domain socket (#367) 2020-10-29 07:30:38 +00:00
Loyalsoldier
f17063a08a
Update vprotogen (#366)
* Refine vprotogen
* Regenerate pb.go files
2020-10-29 09:27:05 +08:00
RPRX
3e87b187c4
Adjust VLESS & Trojan Validator 2020-10-22 04:53:27 +00:00
maskedeken
24f688cc20
Trojan Protocol Handler implements UserManager (#344)
* Trojan Protocol Handler implements UserManager

* Update validator.go

Co-authored-by: RPRX <63339210+rprx@users.noreply.github.com>
2020-10-22 04:01:26 +00:00
RPRX
c325faef38
Adjust Trojan over XTLS 2020-10-21 09:32:16 +00:00
RPRX
13ae4c25ac
Add flow to Trojan config.proto 2020-10-21 03:12:44 +00:00
ekenchan
3fc985dd0e
Add trojan over xtls support (#334)
* Add trojan over xtls support

* Add comments

* improve PR quality

* improve PR quality

* add xtls-rprx-origin-udp443 and xtls-rprx-direct-udp443

Co-authored-by: Eken Chan <maskedeken@yahoo.com>
2020-10-20 10:44:31 +00:00
Kslr
f7ed96f5d4
Merge pull request #292 from Loyalsoldier/refine-code
Refine code according to golangci-lint results
2020-10-13 13:50:04 +08:00
RPRX
95e7e0dee7
AtWarning() -> AtInfo() 2020-10-13 04:53:34 +00:00
loyalsoldier
784775f689
Refine code according to golangci-lint results 2020-10-11 19:22:46 +08:00
Loyalsoldier
bb44d01096
Format proto files using clang-format according to google style (#264)
* Format proto files using clang-format according to google style
* Regenerate pb.go files
2020-10-05 08:36:40 +08:00
RPRX
a308620073
Fix 2020-10-05 00:52:03 +08:00
RPRX
b8a78038a2
VLESS PREVIEW 2.3 2020-10-04 10:51:29 +00:00
loyalsoldier
b181045b0c
Errorgen: support to run outside of GOPATH 2020-10-04 13:06:12 +08:00
loyalsoldier
7a789fed37
Run go fmt 2020-10-04 06:29:21 +08:00
RPRX
36f0b7d6e4
Fix Trojan inbound access log (#255) 2020-10-03 15:24:04 +00:00
RPRX
271532fc84
Add full VLESS fallbacks support to Trojan (#254)
* Add full VLESS fallbacks support to Trojan

* Adjustments according to linter

* Use common.Must2() for pro.Write()
2020-10-03 13:12:35 +00:00
RPRX
60909dad31
VLESS PREVIEW 2.2 2020-10-03 03:23:24 +00:00
Kslr
9f344fa1c9
remove shadowsosks ota (#238)
* remove shadowsosks ota

* remove unused buf.Reader
2020-10-02 16:13:31 +08:00
RPRX
65565572d3
VLESS UDP over TCP struct breaking change (#239)
具体改变:每个 UDP 载荷前加两字节长度的 length,最大值为 2048-2=2046。若不使用 Mux,服务端与客户端均需升级至 v4.30.0+。这是 VLESS 公测版(0)协议结构本身唯一一次 breaking change,正式版(1)的服务端预计会长期同时支持该版本,第三方客户端的实现应当尽快跟进。
2020-09-30 01:39:03 +00:00
maskedeken
e445d21f4b
Add trojan protocol support (#181)
* Add trojan protocol support

Co-authored-by: Eken Chan <ekenchan@msn.com>
Co-authored-by: Loyalsoldier <10487845+Loyalsoldier@users.noreply.github.com>
Co-authored-by: GitHub Action <action@github.com>
2020-09-26 23:31:24 +08:00
RPRX
f55e05c166
int -> int32 2020-09-24 12:18:11 +00:00
RPRX
4b0aea1dca
Fix bug 2020-09-24 11:22:12 +00:00
RPRX
0e8e23897c
Tiny adjustment 2020-09-24 11:09:14 +00:00
RPRX
3072cdccf4
Add return 2020-09-24 11:02:27 +00:00
RPRX
648d4180aa
VLESS PREVIEW 2 2020-09-24 01:59:14 +00:00
RPRX
010fbf4d8b
Make isAEAD more efficient 2020-09-21 03:20:04 +00:00
RPRX
470dc8523b
Make isAEAD more efficient 2020-09-21 01:10:56 +00:00
Kslr
0cbed7e265
Merge pull request #187 from wwqgtxx/master
support disable vmess aead by os environ
2020-09-14 18:04:12 +08:00
wwqgtxx
43174d6951 support disable vmess aead by os environ 2020-09-14 17:49:59 +08:00
Darhwa
d2d4f48815 Fix the coarse-grained mutex in http outbound
fix v2ray#2731
2020-09-13 02:07:22 +08:00
Shelikhoo
e2e266114a
Fix incorrect IV usage which slightly reduced security 2020-09-12 16:27:40 +08:00
RPRX
ee1e18df24
Schedulers -> Flow 2020-09-11 03:37:23 +00:00
RPRX
2237528d1e
fix 2020-09-10 16:05:02 +00:00
RPRX
8c2e8e9db9
Add defer 2020-09-10 15:58:38 +00:00
Kslr
2a3fe11952
VMess AEAD will be used when alterId is 0 2020-09-09 00:02:53 +08:00
RPRX
16fe0b03f6
Do not convert @ to \x00 2020-09-07 16:39:53 +08:00
loyalsoldier
f12f76582f
Fix according to staticcheck result
staticcheck repo: https://github.com/dominikh/go-tools/tree/master/cmd/staticcheck
2020-08-30 23:41:15 +08:00
loyalsoldier
1fa89b32d4
Format: run go fmt ./... 2020-08-30 21:17:22 +08:00
RPRX
84aaf3a1e3
VLESS PREVIEW 1.5 2020-08-28 07:51:09 +00:00
loyalsoldier
f9175e3bc8
Fix according to go vet results 2020-08-26 19:35:33 +08:00
Shelikhoo
a40727a3dc
added drain for ss and improved vmess drain 2020-08-26 13:51:23 +08:00
Loyalsoldier
ef460f68f8
Adjust Protocol Buffers (#109)
* Update protoc binary executable files to v3.13.0

* Write proto files in more standard way

* Make go generate & vprotogen compatible with protoc-gen-gofast

* Regenerate pb.go files according to new proto files

* Clean go.sum by running go mod tidy

* Implement mustEmbedUnimplementedServiceServer for gPRC services
2020-08-24 12:10:26 +00:00
Darhwa
d05ddc8f78 Make http outbound 0-rtt 2020-08-15 23:58:58 +08:00
RPRX
5708edd117
VLESS PREVIEW 1.3 2020-08-04 13:08:35 +00:00
RPRX
070e72f581
unexpected -> invalid 2020-08-03 19:16:14 +00:00
RPRX
1cfc02e720
VLESS PREVIEW 1.2 2020-08-03 06:13:26 +00:00
RPRX
2c49559c61
Merge pull request #76 from Vigilans/vigilans/tproxy-sockopt
Apply sockopt from inbound config to dokodemo tproxy's response connection
2020-08-02 03:02:36 +00:00
Vigilans
30e312f72b Apply sockopt from inbound config to dokodemo tproxy's response connection 2020-08-01 02:04:06 +08:00
Darhwa
cae278dd00 Fix http outbound
Get correct TLS negotiated protocol when stats setting exists
2020-07-31 23:51:08 +08:00
Darhwa
1acb2fd854 Some cleaning and linting 2020-07-31 23:49:54 +08:00
RPRX
bad7e2cfd8
VLESS PREVIEW 1.1 2020-07-28 15:00:23 +00:00
lucifer9
9da4339d8a Add access log for dokodemo inbound 2020-07-13 21:02:19 +08:00
Shelikhoo
437a66b7de
Added Unit Test for VMessAEAD 2020-07-04 13:48:47 +08:00
Agioi Theodoroi
bbd3988f3d
clean up code 2020-06-27 07:51:42 +08:00
rprx
1432278c2c
Fix typo (#36) 2020-06-26 21:27:23 +08:00
Shelikhoo
f19f95af35
Update AEAD design to rely more on AEAD 2020-06-26 20:15:37 +08:00
Xiaokang Wang
327a6ee1f7
Merge pull request #18 from darhwa/enhance_http_outbound
使http outbound支持连接https与http/2代理服务器
2020-06-25 16:25:44 +08:00
Roger Shimizu
90af5f19ba
Apply Debian's patch to upstream 2020-06-24 12:57:03 +08:00
Darhwa
d29370a654 Enhance http outbound
1. Enables http outbound to set up a HTTP tunnel above HTTP/1.1,
  HTTP/1.1 over TLS, or HTTP/2 over TLS. Previously it only works for
  plain HTTP/1.1
2. In setting up CONNECT tunnel, replaces handcrafted request with
  standard http.Request
2020-06-20 23:03:44 +08:00
Shelikhoo
38868e0469
Fix context layering in Shadowsocks UDP 2020-06-19 17:52:39 +08:00
Shelikhoo
3e13d79af7
Fix TProxy Process Logic 2020-06-18 13:40:48 +08:00
Shelikhoo
73616ab9e2
branch context instead of layer it 2020-06-18 12:01:37 +08:00
Shelikhoo
d06a4d1f50
Added TestsEnabled Settings to enable VMessAEAD test 2020-06-08 16:50:50 +08:00
Shelikhoo
09b81b78c3
regenerate pb data 2020-06-08 16:16:32 +08:00
Shelikhoo
da0b63bc12
allow user to define tests enable for this server 2020-06-08 14:20:31 +08:00
Shelikhoo
870ff52775
Apply Coding Style 2020-06-08 13:25:33 +08:00
Shelikhoo
8c886b4b46
Apply Coding Style 2020-06-08 13:21:59 +08:00
Shelikhoo
a58b20b5b8
Reserve sign bit 2020-06-08 10:23:59 +08:00
Shelikhoo
78d7b4f183
Check replay only for AEAD connection, and later 2020-06-06 20:54:29 +08:00